思科PIX防火墙VPN的配置实例
编辑:rootadmin
一、Pix-Pix
整理分享思科PIX防火墙VPN的配置实例 ,希望有所帮助,仅作参考,欢迎阅读内容。
内容相关其他词:,内容如对您有帮助,希望把内容链接给更多的朋友!
PIXCentral Buildingconfiguration... :Saved : PIXVersion6.3(3) interfaceethernet0auto interfaceethernet1auto nameifethernet0outsidesecurity0 nameifethernet1insidesecurity enablepassword8Ry2YjIyt7RRXUencrypted passwd2KFQnbNIdI.2KYOUencrypted hostnamepix-central fixupprotocoldn*aximum-length fixupprotocolftp fixupprotocolhh fixupprotocolhras- fixupprotocolhttp fixupprotocolrsh fixupprotocolrtsp fixupprotocolsip fixupprotocolsipudp fixupprotocolskinny fixupprotocol*tp fixupprotocolsqlnet fixupprotocoltftp names !---ThisistraffictoPIX2. access-listpermitip.1.1.....2.2....0 !---ThisistraffictoPIX3. access-listpermitip.1.1.....3.3....0 !---DonotdoNetworkAddressTranslation(NAT)ontraffictootherPIXes. access-listpermitip.1.1.....2.2....0 access-listpermitip.1.1.....3.3....0 pagerlines loggingon mtuoutside mtuinside ipaddressoutside......0 ipaddressinside.1.1....0 ipaudit*actionalarm ipauditattackactionalarm pdmhistoryenable arptimeout !---DonotdoNATontraffictootherPIXes. nat(inside)0access-list routeoutside0.0.0..0.0.... timeoutxlate3:: timeoutconn1::half-closed0::udp0::rpc0::h:: timeouth::mgcp0::sip0::sip_media0:: timeoutuauth0::absolute aaa-serverTACACS+protocoltacacs+ aaa-serverRADIUSprotocolradius aaa-serverLOCALprotocollocal nosnmp-serverlocation nosnmp-servercontact snmp-servercommunitypublic snmp-serverenabletraps floodguardenable sysoptconnectionpermit-ipsec cryptoipsectransform-setmysetesp-desesp-md5-hmac !---ThisistraffictoPIX2. cryptomapnewmapipsec-isakmp cryptomapnewmapmatchaddress cryptomapnewmapsetpeer... cryptomapnewmapsettransform-setmyset !---ThisistraffictoPIX3. cryptomapnewmapipsec-isakmp cryptomapnewmapmatchaddress cryptomapnewmapsetpeer... cryptomapnewmapsettransform-setmyset cryptomapnewmapinterfaceoutside isakmpenableoutside isakmpkey********address...netmask... no-xauthno-config-mode isakmpkey********address...netmask... no-xauthno-config-mode isakmpidentityaddress isakmppolicyauthenticationpre-share isakmppolicyencryptiondes isakmppolicyhashmd5 isakmppolicygroup1 isakmppolicylifetime telnettimeout5 sshtimeout5 consoletimeout0 terminalwidth Cryptochecksum:dd8cdfbeecfe :end PIX2 Buildingconfiguration... :Saved : PIXVersion6.3(3) interfaceethernet0auto interfaceethernet1auto nameifethernet0outsidesecurity0 nameifethernet1insidesecurity enablepassword8Ry2YjIyt7RRXUencrypted passwd2KFQnbNIdI.2KYOUencrypted hostnamepix2 fixupprotocoldn*aximum-length fixupprotocolftp fixupprotocolhh fixupprotocolhras- fixupprotocolhttp fixupprotocolrsh fixupprotocolrtsp fixupprotocolsip fixupprotocolsipudp fixupprotocolskinny fixupprotocol*tp fixupprotocolsqlnet fixupprotocoltftp names !---ThisistraffictoPIXCentral. access-listpermitip.2.2.....1.1....0 !---DonotdoNATontraffictoPIXCentral. access-listpermitip.2.2.....1.1....0 pagerlines loggingon mtuoutside mtuinside ipaddressoutside......0 ipaddressinside.2.2....0 ipaudit*actionalarm ipauditattackactionalarm nofailover failovertimeout0:: failoverpoll nofailoveripaddressoutside nofailoveripaddressinside pdmhistoryenable arptimeout !---DonotdoNATontraffictoPIXCentral. nat(inside)0access-list routeoutside0.0.0..0.0.... timeoutxlate3:: timeoutconn1::half-closed0::udp0::rpc0::h:: timeouth::mgcp0::sip0::sip_media0:: timeoutuauth0::absolute aaa-serverTACACS+protocoltacacs+ aaa-serverRADIUSprotocolradius aaa-serverLOCALprotocollocal nosnmp-serverlocation nosnmp-servercontact snmp-servercommunitypublic nosnmp-serverenabletraps floodguardenable sysoptconnectionpermit-ipsec cryptoipsectransform-setmysetesp-desesp-md5-hmac !---ThisistraffictoPIXCentral. cryptomapnewmapipsec-isakmp cryptomapnewmapmatchaddress cryptomapnewmapsetpeer... cryptomapnewmapsettransform-setmyset cryptomapnewmapinterfaceoutside isakmpenableoutside isakmpkey********address...netmask... no-xauthno-config-mode isakmpidentityaddress isakmppolicyauthenticationpre-share isakmppolicyencryptiondes isakmppolicyhashmd5 isakmppolicygroup1 isakmppolicylifetime telnettimeout5 sshtimeout5 consoletimeout0 terminalwidth Cryptochecksum:dd8cdfbeecfe :end PIX3Configuration Buildingconfiguration... :Saved : PIXVersion6.3(3) interfaceethernet0auto interfaceethernet1auto nameifethernet0outsidesecurity0 nameifethernet1insidesecurity enablepassword8Ry2YjIyt7RRXUencrypted passwd2KFQnbNIdI.2KYOUencrypted hostnamepix3 fixupprotocoldn*aximum-length fixupprotocolftp fixupprotocolhh fixupprotocolhras- fixupprotocolhttp fixupprotocolrsh fixupprotocolrtsp fixupprotocolsip fixupprotocolsipudp fixupprotocolskinny fixupprotocol*tp fixupprotocolsqlnet fixupprotocoltftp names !---ThisistraffictoPIXCentral. access-listpermitip.3.3.....1.1....0 !---DonotdoNATontraffictoPIXCentral. access-listpermitip.3.3.....1.1....0 pagerlines loggingon mtuoutside mtuinside ipaddressoutside......0 ipaddressinside.3.3....0 ipaudit*actionalarm ipauditattackactionalarm nofailover failovertimeout0:: failoverpoll nofailoveripaddressoutside nofailoveripaddressinside pdmhistoryenable arptimeout !---DonotdoNATontraffictoPIXCentral. nat(inside)0access-list routeoutside0.0.0..0.0.... timeoutxlate3:: timeoutconn1::half-closed0::udp0::rpc0::h:: timeouth::mgcp0::sip0::sip_media0:: timeoutuauth0::absolute aaa-serverTACACS+protocoltacacs+ aaa-serverRADIUSprotocolradius aaa-serverLOCALprotocollocal nosnmp-serverlocation nosnmp-servercontact snmp-servercommunitypublic nosnmp-serverenabletraps floodguardenable sysoptconnectionpermit-ipsec cryptoipsectransform-setmysetesp-desesp-md5-hmac !---ThisistraffictoPIXCentral. cryptomapnewmapipsec-isakmp cryptomapnewmapmatchaddress cryptomapnewmapsetpeer... cryptomapnewmapsettransform-setmyset cryptomapnewmapinterfaceoutside isakmpenableoutside isakmpkey********address...netmask... no-xauthno-config-mode isakmpidentityaddress isakmppolicyauthenticationpre-share isakmppolicyencryptiondes isakmppolicyhashmd5 isakmppolicygroup1 isakmppolicylifetime telnettimeout5 sshtimeout5 consoletimeout0 terminalwidth Cryptochecksum:aa3bbd8cdbe1e0bce4 :end标签: 思科PIX防火墙VPN的配置实例
本文链接地址:https://www.iopcc.com/jiadian/35307.html转载请保留说明!
